Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Debugging (Tracing) WMI queries?

Tags:

winapi

wmi

wbem

I've got a third-party program that's making WMI queries to local WMI providers (so it's not using DCOM, so packet-sniffers are out). I'd like to find out what queries these are.

It's also on XP, so the new Vista WMI tracing infrastructure is out, as well, unfortunately.

Any pointers?

like image 385
Roger Lipscombe Avatar asked Dec 05 '25 08:12

Roger Lipscombe

1 Answers

Have you tried setting the WMI logging level to Verbose using wmimgmt.msc? (More info on the MSDN Logging WMI Activity page)

You should then see the queries logged to the %windir%\system32\wbem\logs\wbemcore.log file.

-dave

like image 193
David Gardiner Avatar answered Dec 07 '25 17:12

David Gardiner
Sign in to Comment

Related questions

What does error 112 (disk full) mean while writing on a serial port? [closed]
C++: Setting the console window as a WS_POPUP
Check if handle belongs to the current process?
What is alphablend and what functions are used for it?
How set limited time when calling CreateFile to open a serial port "comX"?
How to check if a file is being used by another application?
how to make checkbox in win32? [closed]
Deleting symlink created by NtCreateSymbolicLinkObject
Where are the option strings for an MFC Combo Box stored?
win32: how stop ReadFile (stdin|pipe)
Windows impersonation token expiration time
C++ Get GDI raw text from another Win32 application
Filtering/Parsing list produced from EnumWindows in C++
Safe KLID For 'Custom' Keyboard Layout?
Win32: IProgressDialog will not disappear until you mouse over it

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!